PCI compliance standards are in place to ensure the security of cardholder data. The processes you put in place are critical to ensuring your business is protected and you maintain trust with your customers.
Why is PCI Compliance Important for Your Business?
If you accept credit and debit cards, you are responsible for safely securely storing, processing, and transmitting your cardholder data.
What is PCI Compliance?
The PCI Data Security Standard (PCI DSS) is developed and maintained by the PCI Security Standards Council to provide a set of requirements for the prevention, detection and reaction to cardholder data security breaches that could impact your business. It’s important to understand the level of PCI compliance any payment provider you work with holds and is certified for, as that will determine your level of responsibility as the business owner.
PCI Compliance and Mobile Credit Card Processing
Having a PCI compliant solution is the foundation to successfully setting your business up for growth and for maintaining existing customers because it will allow you to securely store your customers’ payment accounts for repeat business. Two examples:
- You run a fitness class and collect recurring membership fees, but you’d also like to sell bottled water onsite without asking for a credit card. Simply pull up the customer record on your mobile app, access the existing billing account, and add the charge to their profile.
- You’re a contractor who is charging an estimate fee, but plans (or hopes) to work with the client going forward. A linked billing system will automatically and securely keep that credit card or bank account in the system for future invoices, recurring payments, or other transactions.
If I only process a few credit card transactions a month, do I need to certify PCI Compliance?
Yes. Any company that has a merchant account for credit card processing is required to certify PCI Compliance.
If I only process ACH transactions, do I need to certify PCI Compliance?
No. PCI Compliance is for credit card processing only.
Why Can’t My Payment Acceptance Provider certify PCI Compliance for me?
PCI Certification is about your company, not simply about your payment processing application. So, each company must individually certify PCI Compliance with its credit card processing company directly.
However, using a PCI Level 1 provider, like PaySimple, moves responsibility for the key tasks of transmitting and storing cardholder data from your company to ours. So, the steps you need to take to certify your company’s PCI Compliance are significantly reduced. This allows you to take advantage of your provider’s PCI Certification to meet most of the PCI requirements your company would need to meet if it used its own systems for payment processing.
Once your business is verified as PCI Compliant, learn how to instill compliance throughout the day-to-day activities of your business.
For helpful information on asking the right questions when choosing a Mobile Credit Card Processing partner for your business download our [Free Guide & Checklist].